/*      $OpenBSD: ec_arithmetic.c,v 1.1 2025/08/03 08:29:39 jsing Exp $ */
/*
 * Copyright (c) 2022,2025 Joel Sing <jsing@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <sys/time.h>

#include <err.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/objects.h>

static void
benchmark_ec_point_add(const EC_GROUP *group, EC_POINT *result,
    const BIGNUM *scalar, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
{
        if (!EC_POINT_add(group, result, a, b, ctx))
                errx(1, "EC_POINT_add");
}

static void
benchmark_ec_point_dbl(const EC_GROUP *group, EC_POINT *result,
    const BIGNUM *scalar, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
{
        if (!EC_POINT_dbl(group, result, a, ctx))
                errx(1, "EC_POINT_dbl");
}

static void
benchmark_ec_point_mul_generator(const EC_GROUP *group, EC_POINT *result,
    const BIGNUM *scalar, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx)
{
        if (!EC_POINT_mul(group, result, scalar, NULL, NULL, ctx))
                errx(1, "EC_POINT_mul");
}

struct benchmark {
        int curve;
        const char *desc;
        void (*func)(const EC_GROUP *, EC_POINT *, const BIGNUM *,
            const EC_POINT *, const EC_POINT *, BN_CTX *);
};

static const struct benchmark benchmarks[] = {
        {
                .curve = NID_X9_62_prime256v1,
                .desc = "EC_POINT_add() p256",
                .func = benchmark_ec_point_add,
        },
        {
                .curve = NID_secp384r1,
                .desc = "EC_POINT_add() p384",
                .func = benchmark_ec_point_add,
        },
        {
                .curve = NID_secp521r1,
                .desc = "EC_POINT_add() p521",
                .func = benchmark_ec_point_add,
        },
        {
                .curve = NID_X9_62_prime256v1,
                .desc = "EC_POINT_dbl() p256",
                .func = benchmark_ec_point_dbl,
        },
        {
                .curve = NID_secp384r1,
                .desc = "EC_POINT_dbl() p384",
                .func = benchmark_ec_point_dbl,
        },
        {
                .curve = NID_secp521r1,
                .desc = "EC_POINT_dbl() p521",
                .func = benchmark_ec_point_dbl,
        },
        {
                .curve = NID_X9_62_prime256v1,
                .desc = "EC_POINT_mul() generator p256",
                .func = benchmark_ec_point_mul_generator,
        },
        {
                .curve = NID_secp384r1,
                .desc = "EC_POINT_mul() generator p384",
                .func = benchmark_ec_point_mul_generator,
        },
        {
                .curve = NID_secp521r1,
                .desc = "EC_POINT_mul() generator p521",
                .func = benchmark_ec_point_mul_generator,
        },
};

#define N_BENCHMARKS (sizeof(benchmarks) / sizeof(benchmarks[0]))

static volatile sig_atomic_t benchmark_stop;

static void
benchmark_sig_alarm(int sig)
{
        benchmark_stop = 1;
}

static void
benchmark_run(const struct benchmark *bm, int seconds)
{
        struct timespec start, end, duration;
        EC_GROUP *group = NULL;
        EC_POINT *a = NULL, *b = NULL, *result = NULL;
        BIGNUM *order = NULL, *scalar = NULL;
        BN_CTX *ctx = NULL;
        int i;

        signal(SIGALRM, benchmark_sig_alarm);

        if ((ctx = BN_CTX_new()) == NULL)
                errx(1, "BN_CTX_new");

        if ((group = EC_GROUP_new_by_curve_name(bm->curve)) == NULL)
                errx(1, "EC_GROUP_new_by_curve_name");
        if ((order = BN_new()) == NULL)
                errx(1, "BN_new");
        if (!EC_GROUP_get_order(group, order, ctx))
                errx(1, "EC_GROUP_get_order");

        if ((scalar = BN_new()) == NULL)
                errx(1, "BN_new");
        if (!BN_rand_range(scalar, order))
                errx(1, "BN_rand_range");
        if (!BN_set_bit(scalar, EC_GROUP_order_bits(group) - 1))
                errx(1, "BN_set_bit");

        if ((result = EC_POINT_new(group)) == NULL)
                errx(1, "EC_POINT_new");
        if ((a = EC_POINT_new(group)) == NULL)
                errx(1, "EC_POINT_new");
        if ((b = EC_POINT_new(group)) == NULL)
                errx(1, "EC_POINT_new");

        if (!EC_POINT_mul(group, a, scalar, NULL, NULL, ctx))
                errx(1, "EC_POINT_mul");
        if (!EC_POINT_mul(group, b, scalar, NULL, NULL, ctx))
                errx(1, "EC_POINT_mul");

        benchmark_stop = 0;
        i = 0;
        alarm(seconds);

        clock_gettime(CLOCK_MONOTONIC, &start);

        fprintf(stderr, "Benchmarking %s for %ds: ", bm->desc, seconds);
        while (!benchmark_stop) {
                bm->func(group, result, scalar, a, b, ctx);
                i++;
        }
        clock_gettime(CLOCK_MONOTONIC, &end);
        timespecsub(&end, &start, &duration);
        fprintf(stderr, "%d iterations in %f seconds\n", i,
            duration.tv_sec + duration.tv_nsec / 1000000000.0);

        EC_GROUP_free(group);
        EC_POINT_free(result);
        EC_POINT_free(a);
        EC_POINT_free(b);
        BN_free(order);
        BN_free(scalar);
        BN_CTX_free(ctx);
}

static void
benchmark_ec_mul_single(void)
{
        const struct benchmark *bm;
        size_t i;

        for (i = 0; i < N_BENCHMARKS; i++) {
                bm = &benchmarks[i];
                benchmark_run(bm, 5);
        }
}

int
main(int argc, char **argv)
{
        int benchmark = 0, failed = 0;

        if (argc == 2 && strcmp(argv[1], "--benchmark") == 0)
                benchmark = 1;

        if (benchmark && !failed)
                benchmark_ec_mul_single();

        return failed;
}